Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Jan. 22, 2025, 6:04 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
61	7.8	重要 Local	デル	repository manager	デルの repository manager におけるパストラバーサルの脆弱性 New	CWE-20 CWE-22	CVE-2024-28976	2025-01-22 16:26	2024-04-24	Show	GitHub Exploit DB Packet Storm

62	7.1	重要 Local	sixlabors	imagesharp	sixlabors の imagesharp における解放済みメモリの使用に関する脆弱性 New	CWE-416 CWE-416	CVE-2024-27929	2025-01-22 16:24	2024-03-5	Show	GitHub Exploit DB Packet Storm

63	5.4	警告 Network	exclusiveaddons	exclusive addons for elementor	exclusiveaddons の WordPress 用 exclusive addons for elementor におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-2751	2025-01-22 16:22	2024-05-2	Show	GitHub Exploit DB Packet Storm

64	8.1	重要 Network	WonderCMS	WonderCMS	WonderCMS におけるサーバサイドのリクエストフォージェリの脆弱性 New	CWE-918 CWE-918	CVE-2024-27561	2025-01-22 16:22	2024-03-5	Show	GitHub Exploit DB Packet Storm

65	5.4	警告 Network	Booster	Booster for WooCommerce	Booster の WordPress 用 Booster for WooCommerce におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1534	2025-01-22 16:18	2024-03-7	Show	GitHub Exploit DB Packet Storm

66	5.4	警告 Network	Ninja Team	wp chat app	Ninja Team の WordPress 用 wp chat app におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1761	2025-01-22 16:18	2024-03-7	Show	GitHub Exploit DB Packet Storm

67	8.2	重要 Network	ThemeKraft	post form	ThemeKraft の WordPress 用 post form における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1170	2025-01-22 16:16	2024-03-7	Show	GitHub Exploit DB Packet Storm

68	6.5	警告 Network	ZyXEL	USG FLEX 100H ファームウェア atp700 ファームウェア USG FLEX 100AX ファームウェア usg flex 100 ファームウェア ATP200 ファームウェア ATP100 ファームウェア usg f…	複数の ZyXEL 製品における脆弱性 New	CWE-134 CWE-noinfo	CVE-2023-6399	2025-01-22 15:58	2023-11-30	Show	GitHub Exploit DB Packet Storm

69	7.5	重要 Network	ThemeKraft	post form	ThemeKraft の WordPress 用 post form における脆弱性 New	CWE-noinfo 情報不足	CVE-2024-1169	2025-01-22 15:58	2024-03-7	Show	GitHub Exploit DB Packet Storm

70	5.4	警告 Network	bdthemes	prime slider	bdthemes の WordPress 用 prime slider におけるクロスサイトスクリプティングの脆弱性 New	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-1506	2025-01-22 15:57	2024-03-7	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Jan. 22, 2025, 4:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
278421	-	afd	afd	Buffer overflow in Automatic File Distributor (AFD) 1.2.14 and earlier allows local users to gain privileges via a long MON_WORK_DIR environment variable or -w (workdir) argument to (1) afd, (2) afdc…	NVD-CWE-Other	CVE-2002-1503	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278422	-	radiobird_software	webserver_4_everyone	Directory traversal vulnerability in WebServer 4 Everyone 1.22 allows remote attackers to read arbitrary files via "..\" (dot-dot backslash) sequences in a URL.	NVD-CWE-Other	CVE-2002-1504	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278423	-	woltlab	burning_board	SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.	NVD-CWE-Other	CVE-2002-1505	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278424	-	jacques_gelinas	linuxconf	Buffer overflow in Linuxconf before 1.28r4 allows local users to execute arbitrary code via a long LINUXCONF_LANG environment variable, which overflows an error string that is generated.	NVD-CWE-Other	CVE-2002-1506	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278425	-	epic_games	unreal_tournament_server	Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777.	NVD-CWE-Other	CVE-2002-1507	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278426	-	xfree86_project	x11r6	xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.	NVD-CWE-Other	CVE-2002-1510	2008-09-6 05:30	2003-03-3	Show	GitHub Exploit DB Packet Storm

278427	-	tolis_group	bru	xbru in BRU Workstation 17.0 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the xbru_dscheck.dd temporary file.	NVD-CWE-Other	CVE-2002-1512	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278428	-	compaq	tcp-ip_services	The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions becau…	NVD-CWE-Other	CVE-2002-1513	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278429	-	borland_software	interbase	gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.	NVD-CWE-Other	CVE-2002-1514	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm

278430	-	coolforum	coolforum	Directory traversal vulnerability in avatar.php in CoolForum 0.5 beta allows remote attackers to read arbitrary files via .. (dot dot) sequences in the img parameter.	NVD-CWE-Other	CVE-2002-1515	2008-09-6 05:30	2003-04-2	Show	GitHub Exploit DB Packet Storm